I, too, am new to this forum, and I'm having issues with symptoms very similar to the ones described in the following topic.
http://www.geekstogo...re-t250386.html
I took the advice and downloaded Win32kDiag.exe. I try to run the following command ("%userprofile%\desktop\win32kdiag.exe" -f -r) through the Start menu, but I just get the hourglass to blip up for a second, then nothing. This is the same response I get when trying to run anything through the Start-Run command line.
I can't run Malwarebytes, which I've had success with in the past, and I downloaded AVG, which was able to perform a scan and eliminated the incessant fake anti-virus popups, but now that won't run either.
I also can't boot in safe mode without an error. I'm nearing the point where I just reformat, but I'd rather not.
Any ideas? Seems like if I could force a system restore, then I could get beyond this, but I don't know a way to run it.
I appreciate any help!
Thanks!
I've since run RootRepeal and OTL, and have included these logs:
######################### ROOT REPEAL ###############################
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/27 21:05
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEF59D000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8BA4000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xED4F2000 Size: 49152 File Visible: No Signed: -
Status: -
Name: win32k.sys:1
Image Path: C:\WINDOWS\win32k.sys:1
Address: 0xF892C000 Size: 20480 File Visible: No Signed: -
Status: -
Name: win32k.sys:2
Image Path: C:\WINDOWS\win32k.sys:2
Address: 0xF7A44000 Size: 61440 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 173 Function Name: NtQuerySystemInformation
Status: Hooked by "C:\WINDOWS\System32\Drivers\Beep.SYS" at address 0xf86f61a0
==EOF==
############################ OTL ####################################
OTL logfile created on: 8/27/2009 9:08:05 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.40 Mb Total Physical Memory | 260.20 Mb Available Physical Memory | 50.88% Memory free
1.22 Gb Paging File | 0.88 Gb Available in Paging File | 72.14% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.17 Gb Total Space | 14.19 Gb Free Space | 27.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GEHRIG
Current User Name: Ben
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2004/12/04 04:32:34 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2004/09/07 17:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004/09/07 17:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004/09/07 17:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
PRC - [2004/03/04 12:30:48 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE
PRC - [2004/03/04 12:26:20 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXPPS.EXE
PRC - [2004/09/07 17:08:02 | 00,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
PRC - [2009/08/24 19:27:49 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/24 21:51:26 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2005/04/30 18:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/05/23 22:43:11 | 00,052,736 | ---- | M] (Macrovision) -- C:\WINDOWS\System32\drivers\CDAC11BA.EXE
PRC - [2005/03/04 00:29:02 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
PRC - [2004/12/04 04:32:34 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2004/09/07 17:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2008/04/13 20:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.exe
PRC - [2009/08/24 21:51:32 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/24 21:51:32 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/02/06 06:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2009/06/29 04:35:10 | 00,634,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/08/27 21:06:42 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/08/24 19:27:49 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exe -- (AntipPro2009_100 [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2004/12/04 04:32:34 | 00,405,504 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2007/09/12 19:27:24 | 00,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Stopped])
SRV - [2009/08/24 21:51:26 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2005/04/30 18:02:26 | 00,086,016 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2008/08/29 11:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007/05/23 22:43:11 | 00,052,736 | ---- | M] (Macrovision) -- C:\WINDOWS\System32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA [Auto | Running])
SRV - File not found -- -- (ccEvtMgr [Auto | Stopped])
SRV - File not found -- -- (ccSetMgr [Auto | Stopped])
SRV - File not found -- -- (CLTNetCnService [Auto | Stopped])
SRV - File not found -- -- (comHost [On_Demand | Stopped])
SRV - [2004/09/07 17:02:40 | 00,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Auto | Running])
SRV - [2008/04/13 20:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - File not found -- -- (ISPwdSvc [On_Demand | Stopped])
SRV - [2004/03/04 12:30:48 | 00,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\LEXBCES.EXE -- (LexBceS [Auto | Running])
SRV - [2007/09/12 19:27:24 | 02,999,664 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - File not found -- -- (LiveUpdate Notice Ex [Auto | Stopped])
SRV - [2007/11/28 20:51:10 | 00,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service [Auto | Stopped])
SRV - [2005/03/04 00:29:02 | 00,356,352 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -- (NICCONFIGSVC [Auto | Running])
SRV - File not found -- -- (OpcEnum [On_Demand | Stopped])
SRV - [2004/09/07 17:02:04 | 00,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Auto | Running])
SRV - [2004/09/07 17:05:10 | 00,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor [Auto | Running])
SRV - File not found -- -- (Symantec Core LC [On_Demand | Stopped])
SRV - File not found -- -- (SymAppCore [Auto | Stopped])
SRV - [2004/09/07 17:12:32 | 00,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe -- (WLANKEEPER [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mlb.mlb.com/index.jsp [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - URLSearchHook: _{4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (C:\WINDOWS\system32\tajf83ikdmf.dll) - {BF56A325-23F2-42AD-F4E4-00AAC39CAA53} - C:\WINDOWS\System32\tajf83ikdmf.dll ()
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [braviax] File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe File not found
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe File not found
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\Media Experience\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Adware Professional] C:\Program Files\Adware Professional\Adware Professional.exe ()
O4 - HKCU..\Run: [braviax] C:\WINDOWS\System32\braviax.exe ()
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Windows System Recover!] C:\DOCUME~1\Ben\LOCALS~1\Temp\winlogon.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceClassicControlPanel = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll (BitComet)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1....loadManager.ocx (Get_ActiveX Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://employee.nat...perSetupSP1.cab (Reg Error: Key error.)
O16 - DPF: {FC0A65F2-8DFF-4F0F-B411-D4A50311628D} http://xmro.xmradio..../xmprofiler.CAB (XMRADIO.XM_SystemProfiler)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.92.226.40 24.92.226.41
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (cru629.dat\Extensio.) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (rundll32.exe) - File not found
O20 - HKLM Winlogon: Shell - (tapi.nfo) - C:\WINDOWS\System32\tapi.nfo ()
O20 - HKLM Winlogon: Shell - (beforeglav) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O22 - SharedTaskScheduler: {BF56A325-23F2-42AD-F4E4-00AAC39CAA53} - ghya673gidh87we9inkff - C:\WINDOWS\System32\tajf83ikdmf.dll ()
O22 - SharedTaskScheduler: ThreadingModel - Apartment - Reg Error: Key error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 18:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[3 C:\WINDOWS\System32\*.tmp files]
[2009/12/17 21:16:54 | 00,008,932 | ---- | C] () -- C:\WINDOWS\56ebspywarz1029.bin
[2009/12/08 01:08:08 | 00,017,941 | ---- | C] () -- C:\WINDOWS\System32\c65addw5r92880z.bin
[2009/12/04 20:19:46 | 00,011,230 | ---- | C] () -- C:\WINDOWS\System32\9935s5yze1.bin
[2009/12/04 17:16:07 | 00,012,023 | ---- | C] () -- C:\WINDOWS\System32\4356zpa9bot54c.bin
[2009/11/28 03:16:17 | 00,003,633 | ---- | C] () -- C:\WINDOWS\25885no9-z-virus50f5.bin
[2009/11/21 11:41:33 | 00,018,208 | ---- | C] () -- C:\WINDOWS\640cba5kdoor9941z.bin
[2009/11/19 21:52:59 | 00,010,674 | ---- | C] () -- C:\WINDOWS\System32\4fedste9l2z95.bin
[2009/11/13 19:42:00 | 00,005,520 | ---- | C] () -- C:\WINDOWS\System32\631c9pywzre559.bin
[2009/10/27 12:40:52 | 00,016,704 | ---- | C] () -- C:\WINDOWS\25z38worm395.bin
[2009/10/25 08:02:49 | 00,007,334 | ---- | C] () -- C:\WINDOWS\17c9ad9wa5e207z.bin
[2009/10/20 19:06:06 | 00,004,877 | ---- | C] () -- C:\WINDOWS\z5949virus905.bin
[2009/10/02 04:00:44 | 00,016,906 | ---- | C] () -- C:\WINDOWS\System32\b4cth5ez2954.bin
[2009/09/19 20:05:03 | 00,003,758 | ---- | C] () -- C:\WINDOWS\System32\1443zt9oj325.bin
[2009/09/18 15:03:49 | 00,016,638 | ---- | C] () -- C:\WINDOWS\System32\5aazspar9e2525.bin
[2009/09/17 05:55:19 | 00,014,412 | ---- | C] () -- C:\WINDOWS\4958backdzor596.bin
[2009/09/13 14:58:08 | 00,017,085 | ---- | C] () -- C:\WINDOWS\System32\5789orz7f15.bin
[2009/09/09 02:07:09 | 00,016,650 | ---- | C] () -- C:\WINDOWS\System32\23145spy49z.bin
[2009/09/03 07:51:14 | 00,003,619 | ---- | C] () -- C:\WINDOWS\System32\17941zo5m43.bin
[2009/08/27 21:06:38 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2009/08/27 21:02:46 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\settings.dat
[2009/08/27 21:02:19 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Ben\Desktop\RootRepeal.exe
[2009/08/27 20:55:30 | 03,942,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ben\Desktop\mbam-setup13.exe
[2009/08/27 20:51:54 | 03,942,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ben\Desktop\mbam-setup22.exe
[2009/08/27 20:50:44 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Ben\Desktop\erunt_setup.exe
[2009/08/27 20:44:23 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Ben\Desktop\SysRestorePoint.exe
[2009/08/27 20:43:30 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\TFC.exe
[2009/08/27 19:26:46 | 00,000,986 | ---- | C] () -- C:\Documents and Settings\Ben\My Documents\bo profile.zip
[2009/08/26 08:49:56 | 00,014,091 | ---- | C] () -- C:\WINDOWS\System32\1z194viru91235.bin
[2009/08/25 20:19:04 | 00,008,131 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\holiday_clipart_halloween.gif
[2009/08/25 20:07:02 | 00,074,629 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\bright tree.jpg
[2009/08/25 19:12:18 | 00,125,101 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\green foliage pic.jpg
[2009/08/25 15:20:17 | 00,101,376 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\reply_card.doc
[2009/08/25 12:12:41 | 00,046,080 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Win32kDiag.exe
[2009/08/25 06:39:43 | 00,251,392 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\hijackthis_sfx.exe
[2009/08/25 01:49:46 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\sonhelp.htm
[2009/08/24 23:02:24 | 00,001,382 | ---- | C] () -- C:\WINDOWS\System32\onhelp.htm
[2009/08/24 22:28:45 | 00,008,550 | ---- | C] () -- C:\WINDOWS\System32\wispex.html
[2009/08/24 22:28:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\images
[2009/08/24 21:56:26 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/08/24 21:53:59 | 00,000,004 | ---- | C] () -- C:\WINDOWS\System32\bincd32.dat
[2009/08/24 21:52:13 | 00,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/08/24 21:52:12 | 00,011,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/24 21:52:11 | 00,108,552 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/08/24 21:52:04 | 00,335,240 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/24 21:52:02 | 00,027,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/24 21:51:44 | 40,211,258 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/24 21:51:42 | 00,073,369 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/24 21:51:41 | 00,463,779 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/24 21:51:39 | 06,061,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/24 21:51:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2009/08/24 21:51:25 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/08/24 21:51:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg8
[2009/08/24 21:39:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Ben\Application Data\AVG8
[2009/08/24 21:07:45 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/08/24 21:07:32 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/08/24 20:33:41 | 00,687,104 | ---- | C] () -- C:\WINDOWS\is-FI9SA.exe
[2009/08/24 20:33:41 | 00,010,498 | ---- | C] () -- C:\WINDOWS\is-FI9SA.msg
[2009/08/24 20:33:41 | 00,000,380 | ---- | C] () -- C:\WINDOWS\is-FI9SA.lst
[2009/08/24 20:11:53 | 00,000,814 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Adware Professional.lnk
[2009/08/24 20:11:51 | 00,000,000 | ---D | C] -- C:\Program Files\Adware Professional
[2009/08/24 19:33:58 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/08/24 19:30:38 | 00,348,329 | ---- | C] () -- C:\WINDOWS\System32\_scui.cpl
[2009/08/24 19:30:38 | 00,001,686 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\PC_Antispyware2010.lnk
[2009/08/24 19:30:33 | 00,000,000 | ---D | C] -- C:\Program Files\PC_Antispyware2010
[2009/08/24 19:27:50 | 00,000,036 | ---- | C] () -- C:\WINDOWS\System32\sysnet.dat
[2009/08/24 19:27:50 | 00,000,009 | ---- | C] () -- C:\WINDOWS\System32\bennuar.old
[2009/08/24 19:27:49 | 00,489,472 | ---- | C] (ASC - AntiSpyware) -- C:\WINDOWS\System32\dddesot.dll
[2009/08/24 19:27:49 | 00,390,144 | ---- | C] () -- C:\WINDOWS\System32\desot.exe
[2009/08/24 19:27:49 | 00,163,840 | ---- | C] () -- C:\WINDOWS\svchast.exe
[2009/08/24 19:27:49 | 00,000,064 | ---- | C] () -- C:\WINDOWS\ppp4.dat
[2009/08/24 19:27:49 | 00,000,004 | ---- | C] () -- C:\WINDOWS\ppp3.dat
[2009/08/24 19:27:47 | 00,001,756 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Windows Antivirus Pro.lnk
[2009/08/24 19:27:21 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Antivirus Pro
[2009/08/24 19:24:43 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\cru629.dat
[2009/08/24 19:24:43 | 00,006,144 | ---- | C] () -- C:\WINDOWS\cru629.dat
[2009/08/24 19:24:38 | 00,011,264 | ---- | C] () -- C:\WINDOWS\braviax.exe
[2009/08/24 19:22:07 | 00,031,237 | ---- | C] () -- C:\WINDOWS\System32\logon.exe
[2009/08/24 19:21:29 | 00,025,088 | ---- | C] () -- C:\WINDOWS\System32\tapi.nfo
[2009/08/24 19:21:17 | 00,000,046 | ---- | C] () -- C:\p2hhr.bat
[2009/08/24 19:21:11 | 00,094,208 | ---- | C] () -- C:\jybmkssu.exe
[2009/08/24 19:20:35 | 00,015,000 | ---- | C] () -- C:\WINDOWS\System32\tajf83ikdmf.dll
[2009/08/24 19:19:47 | 00,069,394 | ---- | C] () -- C:\sdlb.exe
[2009/08/24 19:19:46 | 00,190,745 | ---- | C] () -- C:\WINDOWS\System32\wisdstr.exe
[2009/08/24 19:19:46 | 00,020,992 | ---- | C] () -- C:\lcbckjms.exe
[2009/08/24 19:19:43 | 00,000,002 | -HS- | C] () -- C:\750087425
[2009/08/24 19:19:42 | 00,029,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\beep.sys
[2009/08/24 19:19:40 | 00,011,264 | ---- | C] () -- C:\WINDOWS\System32\braviax.exe
[2009/08/24 19:19:36 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\~.exe
[2009/08/24 13:12:22 | 00,003,202 | ---- | C] () -- C:\WINDOWS\System32\95fadownloazer735.bin
[2009/08/24 10:04:11 | 00,009,870 | ---- | C] () -- C:\WINDOWS\System32\2z650vi5us792.bin
[2009/08/23 16:12:03 | 00,041,538 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\silhouette-tree.gif
[2009/08/23 14:31:54 | 00,027,472 | ---- | C] () -- C:\Documents and Settings\Ben\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/23 08:36:35 | 00,000,388 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Downloads.lnk
[2009/08/22 08:38:29 | 01,283,835 | ---- | C] () -- C:\Documents and Settings\Ben\My Documents\DB_082109.zip
[2009/08/14 18:54:08 | 00,139,776 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Directions & Accomodations.ppt
[2009/08/14 18:20:37 | 00,097,792 | ---- | C] () -- C:\Documents and Settings\Ben\Desktop\Direction Sheet.doc
========== Files - Modified Within 14 Days ==========
[3 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/12/17 21:16:54 | 00,008,932 | ---- | M] () -- C:\WINDOWS\56ebspywarz1029.bin
[2009/12/08 01:08:08 | 00,017,941 | ---- | M] () -- C:\WINDOWS\System32\c65addw5r92880z.bin
[2009/12/04 20:19:46 | 00,011,230 | ---- | M] () -- C:\WINDOWS\System32\9935s5yze1.bin
[2009/12/04 17:16:07 | 00,012,023 | ---- | M] () -- C:\WINDOWS\System32\4356zpa9bot54c.bin
[2009/11/28 03:16:17 | 00,003,633 | ---- | M] () -- C:\WINDOWS\25885no9-z-virus50f5.bin
[2009/11/21 11:41:33 | 00,018,208 | ---- | M] () -- C:\WINDOWS\640cba5kdoor9941z.bin
[2009/11/19 21:52:59 | 00,010,674 | ---- | M] () -- C:\WINDOWS\System32\4fedste9l2z95.bin
[2009/11/13 19:42:00 | 00,005,520 | ---- | M] () -- C:\WINDOWS\System32\631c9pywzre559.bin
[2009/10/27 12:40:52 | 00,016,704 | ---- | M] () -- C:\WINDOWS\25z38worm395.bin
[2009/10/25 08:02:49 | 00,007,334 | ---- | M] () -- C:\WINDOWS\17c9ad9wa5e207z.bin
[2009/10/20 19:06:06 | 00,004,877 | ---- | M] () -- C:\WINDOWS\z5949virus905.bin
[2009/10/02 04:00:44 | 00,016,906 | ---- | M] () -- C:\WINDOWS\System32\b4cth5ez2954.bin
[2009/09/19 20:05:03 | 00,003,758 | ---- | M] () -- C:\WINDOWS\System32\1443zt9oj325.bin
[2009/09/18 15:03:49 | 00,016,638 | ---- | M] () -- C:\WINDOWS\System32\5aazspar9e2525.bin
[2009/09/17 05:55:19 | 00,014,412 | ---- | M] () -- C:\WINDOWS\4958backdzor596.bin
[2009/09/13 14:58:08 | 00,017,085 | ---- | M] () -- C:\WINDOWS\System32\5789orz7f15.bin
[2009/09/09 02:07:09 | 00,016,650 | ---- | M] () -- C:\WINDOWS\System32\23145spy49z.bin
[2009/09/03 07:51:14 | 00,003,619 | ---- | M] () -- C:\WINDOWS\System32\17941zo5m43.bin
[2009/08/27 21:17:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2009/08/27 21:06:42 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\OTL.exe
[2009/08/27 21:02:46 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\settings.dat
[2009/08/27 21:02:24 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\Ben\Desktop\RootRepeal.exe
[2009/08/27 20:56:46 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/27 20:55:41 | 03,942,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ben\Desktop\mbam-setup13.exe
[2009/08/27 20:52:04 | 03,942,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ben\Desktop\mbam-setup22.exe
[2009/08/27 20:50:51 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Ben\Desktop\erunt_setup.exe
[2009/08/27 20:50:23 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Ben\Desktop\SysRestorePoint.exe
[2009/08/27 20:48:25 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/27 20:47:49 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/08/27 20:47:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/27 20:47:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/27 20:47:07 | 53,630,9760 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/27 20:46:56 | 00,011,264 | ---- | M] () -- C:\WINDOWS\System32\braviax.exe
[2009/08/27 20:46:56 | 00,011,264 | ---- | M] () -- C:\WINDOWS\braviax.exe
[2009/08/27 20:46:56 | 00,006,144 | ---- | M] () -- C:\WINDOWS\System32\cru629.dat
[2009/08/27 20:46:56 | 00,006,144 | ---- | M] () -- C:\WINDOWS\cru629.dat
[2009/08/27 20:43:35 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ben\Desktop\TFC.exe
[2009/08/27 19:26:47 | 00,000,986 | ---- | M] () -- C:\Documents and Settings\Ben\My Documents\bo profile.zip
[2009/08/27 19:17:20 | 40,211,258 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/08/27 19:16:06 | 00,073,369 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/08/26 08:49:56 | 00,014,091 | ---- | M] () -- C:\WINDOWS\System32\1z194viru91235.bin
[2009/08/25 20:18:52 | 00,008,131 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\holiday_clipart_halloween.gif
[2009/08/25 20:06:33 | 00,074,629 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\bright tree.jpg
[2009/08/25 19:11:40 | 00,125,101 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\green foliage pic.jpg
[2009/08/25 15:20:17 | 00,101,376 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\reply_card.doc
[2009/08/25 12:12:44 | 00,046,080 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Win32kDiag.exe
[2009/08/25 06:39:44 | 00,251,392 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\hijackthis_sfx.exe
[2009/08/25 06:31:00 | 00,390,144 | ---- | M] () -- C:\WINDOWS\System32\desot.exe
[2009/08/25 06:31:00 | 00,000,064 | ---- | M] () -- C:\WINDOWS\ppp4.dat
[2009/08/25 06:31:00 | 00,000,004 | ---- | M] () -- C:\WINDOWS\ppp3.dat
[2009/08/25 06:23:13 | 00,001,382 | ---- | M] () -- C:\WINDOWS\System32\onhelp.htm
[2009/08/25 04:50:07 | 00,489,472 | ---- | M] (ASC - AntiSpyware) -- C:\WINDOWS\System32\dddesot.dll
[2009/08/25 01:49:46 | 00,000,030 | ---- | M] () -- C:\WINDOWS\System32\sonhelp.htm
[2009/08/24 21:56:52 | 00,000,004 | ---- | M] () -- C:\WINDOWS\System32\bincd32.dat
[2009/08/24 21:52:13 | 00,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2009/08/24 21:52:12 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/08/24 21:52:11 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2009/08/24 21:52:04 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/08/24 21:52:02 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/08/24 21:51:42 | 00,463,779 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/08/24 21:51:41 | 06,061,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\avi7.avg
[2009/08/24 20:59:12 | 00,348,329 | ---- | M] () -- C:\WINDOWS\System32\_scui.cpl
[2009/08/24 20:33:41 | 00,687,104 | ---- | M] () -- C:\WINDOWS\is-FI9SA.exe
[2009/08/24 20:33:41 | 00,010,498 | ---- | M] () -- C:\WINDOWS\is-FI9SA.msg
[2009/08/24 20:33:41 | 00,000,380 | ---- | M] () -- C:\WINDOWS\is-FI9SA.lst
[2009/08/24 20:11:53 | 00,000,814 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Adware Professional.lnk
[2009/08/24 19:30:38 | 00,001,686 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\PC_Antispyware2010.lnk
[2009/08/24 19:27:50 | 00,000,036 | ---- | M] () -- C:\WINDOWS\System32\sysnet.dat
[2009/08/24 19:27:50 | 00,000,009 | ---- | M] () -- C:\WINDOWS\System32\bennuar.old
[2009/08/24 19:27:49 | 00,163,840 | ---- | M] () -- C:\WINDOWS\svchast.exe
[2009/08/24 19:27:47 | 00,001,756 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Windows Antivirus Pro.lnk
[2009/08/24 19:21:17 | 00,000,046 | ---- | M] () -- C:\p2hhr.bat
[2009/08/24 19:21:15 | 00,094,208 | ---- | M] () -- C:\jybmkssu.exe
[2009/08/24 19:21:11 | 00,000,002 | -HS- | M] () -- C:\750087425
[2009/08/24 19:20:35 | 00,031,237 | ---- | M] () -- C:\WINDOWS\System32\logon.exe
[2009/08/24 19:20:35 | 00,015,000 | ---- | M] () -- C:\WINDOWS\System32\tajf83ikdmf.dll
[2009/08/24 19:19:48 | 00,190,745 | ---- | M] () -- C:\WINDOWS\System32\wisdstr.exe
[2009/08/24 19:19:48 | 00,069,394 | ---- | M] () -- C:\sdlb.exe
[2009/08/24 19:19:47 | 00,025,088 | ---- | M] () -- C:\WINDOWS\System32\tapi.nfo
[2009/08/24 19:19:47 | 00,020,992 | ---- | M] () -- C:\lcbckjms.exe
[2009/08/24 19:19:41 | 00,029,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\beep.sys
[2009/08/24 19:19:41 | 00,029,184 | ---- | M] () -- C:\WINDOWS\System32\dllcache\beep.sys
[2009/08/24 19:19:36 | 00,077,824 | ---- | M] () -- C:\WINDOWS\System32\~.exe
[2009/08/24 13:12:22 | 00,003,202 | ---- | M] () -- C:\WINDOWS\System32\95fadownloazer735.bin
[2009/08/24 10:04:11 | 00,009,870 | ---- | M] () -- C:\WINDOWS\System32\2z650vi5us792.bin
[2009/08/23 16:11:45 | 00,041,538 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\silhouette-tree.gif
[2009/08/23 15:50:28 | 00,125,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/23 14:38:26 | 00,027,472 | ---- | M] () -- C:\Documents and Settings\Ben\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/23 08:37:02 | 00,000,388 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Downloads.lnk
[2009/08/22 08:38:36 | 01,283,835 | ---- | M] () -- C:\Documents and Settings\Ben\My Documents\DB_082109.zip
[2009/08/14 19:29:00 | 00,111,616 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Directions.ppt
[2009/08/14 19:28:57 | 00,139,776 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Directions & Accomodations.ppt
[2009/08/14 19:27:46 | 00,097,792 | ---- | M] () -- C:\Documents and Settings\Ben\Desktop\Direction Sheet.doc
[2009/08/13 23:40:33 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== LOP Check ==========
[2009/08/24 21:51:25 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/12/28 20:55:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/05/02 19:18:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2005/08/05 15:05:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2008/01/23 21:35:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell
[2005/09/26 21:08:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dell Photo Printer 720
[2005/08/05 15:02:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intel
[2005/08/05 15:14:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2007/03/01 00:11:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2008/11/20 21:31:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
[2004/08/11 18:25:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2007/02/02 19:33:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/08/24 21:39:35 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Ben\Application Data
[2009/04/26 17:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\BitDefender
[2005/08/11 16:23:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\COREL
[2005/08/10 22:54:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\CyberLink
[2005/08/05 15:02:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Intel
[2009/03/02 07:41:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Juniper Networks
[2005/08/12 22:15:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Leadertech
[2005/09/15 22:16:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Mathsoft
[2009/08/14 08:04:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Move Networks
[2007/01/10 20:47:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\OLYMPUS
[2009/02/05 07:51:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\TigerPlayer
[2006/01/02 20:49:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Toshiba
[2009/05/28 20:38:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\U3
[2007/02/02 19:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Ben\Application Data\Viewpoint
[2004/08/04 06:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/27 20:47:19 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/27 21:17:00 | 00,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\Symantec NetDetect.job
[2009/08/27 20:47:49 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2009/08/24 19:21:15 | 00,094,208 | ---- | M] () -- C:\jybmkssu.exe
[2009/08/24 19:19:47 | 00,020,992 | ---- | M] () -- C:\lcbckjms.exe
[2009/08/24 19:19:48 | 00,069,394 | ---- | M] () -- C:\sdlb.exe
< %systemroot%\system32\eventlog.dll >
[2008/04/13 20:11:53 | 00,063,488 | ---- | M] () -- C:\WINDOWS\system32\eventlog.dll
[3 C:\WINDOWS\system32\*.tmp files]
< %systemroot%\system32\scecli.dll >
[2008/04/13 20:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[3 C:\WINDOWS\system32\*.tmp files]
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
[2008/04/13 20:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logevent.dll
[3 C:\WINDOWS\system32\*.tmp files]
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Ben\Desktop\MOV00641.MPG:SummaryInformation
< End of report >
############################ EXTRAS ###############################
OTL Extras logfile created on: 8/27/2009 9:08:05 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Ben\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
511.40 Mb Total Physical Memory | 260.20 Mb Available Physical Memory | 50.88% Memory free
1.22 Gb Paging File | 0.88 Gb Available in Paging File | 72.14% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.17 Gb Total Space | 14.19 Gb Free Space | 27.19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GEHRIG
Current User Name: Ben
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- C:\WINDOWS\System32\desot.exe ()
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"13761:TCP" = 13761:TCP:*:Enabled:BitComet 13761 TCP
"13761:UDP" = 13761:UDP:*:Enabled:BitComet 13761 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistant
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{82D9302E-F209-4805-B548-52087047483A}" = Python 2.4
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.5
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adware Professional 5.0_is1" = Adware Professional v5.0
"ATI Display Driver" = ATI Display Driver
"AVG8Uninstall" = AVG Free 8.5
"BitComet" = BitComet 1.07
"CdaC13Ba" = SafeCast Shared Components
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.9x Modem
"Dell Photo Printer 720" = Dell Photo Printer 720
"Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
"Diamond Mind Baseball version 9" = Diamond Mind Baseball version 9
"DMB version 9a patch" = DMB version 9a patch
"DMB version 9c patch" = DMB version 9c patch
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWaySearchAssistantDE" = My Way Search Assistant
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC_Antispyware2010" = PC Antispyware 2010
"ProInst" = Intel® PROSet/Wireless Software
"RealPlayer 6.0" = RealPlayer Basic
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Win Antivirus Pro" = Windows Antivirus Pro
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Term_Services" = Juniper Terminal Services Client
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/24/2009 7:54:54 PM | Computer Name = GEHRIG | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16850, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/25/2009 9:03:21 AM | Computer Name = GEHRIG | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16850, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/27/2009 5:48:50 PM | Computer Name = GEHRIG | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16850, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/30/2009 4:22:59 PM | Computer Name = GEHRIG | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.
Error - 8/5/2009 9:54:13 AM | Computer Name = GEHRIG | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download....029037F096.crt>
with error: This operation returned because the timeout period expired.
Error - 8/5/2009 9:54:13 AM | Computer Name = GEHRIG | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
<http://www.download....029037F096.crt>
with error: The specified server cannot perform the requested operation.
Error - 8/25/2009 6:54:59 AM | Computer Name = GEHRIG | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BA from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro
[ System Events ]
Error - 8/26/2009 8:10:45 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl SRTSP SRTSPX SYMTDI
Error - 8/27/2009 7:15:44 PM | Computer Name = GEHRIG | Source = DCOM | ID = 10010
Description = The server {000C101C-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.
Error - 8/27/2009 7:21:34 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the LiveUpdate Notice Service
service to connect.
Error - 8/27/2009 7:21:34 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Automatic LiveUpdate
Scheduler service to connect.
Error - 8/27/2009 7:21:34 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7000
Description = The Automatic LiveUpdate Scheduler service failed to start due to
the following error: %%1053
Error - 8/27/2009 7:21:34 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl SRTSP SRTSPX SYMTDI
Error - 8/27/2009 8:48:28 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the LiveUpdate Notice Service
service to connect.
Error - 8/27/2009 8:48:28 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Automatic LiveUpdate
Scheduler service to connect.
Error - 8/27/2009 8:48:28 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7000
Description = The Automatic LiveUpdate Scheduler service failed to start due to
the following error: %%1053
Error - 8/27/2009 8:48:28 PM | Computer Name = GEHRIG | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl SRTSP SRTSPX SYMTDI
< End of report >
Edited by bskier13, 30 August 2009 - 05:08 AM.